{"id":"MGASA-2020-0334","summary":"Updated libx11 packages fix security vulnerability","details":"The X Input Method (XIM) client implementation in libX11 has some integer\noverflows and signed/unsigned comparison issues that can lead to heap\ncorruption when handling malformed messages from an input method\n(CVE-2020-14344).\n\nThe libx11 package has been updated to version 1.6.10 which fixes this issue.\n\nThe x11-proto-devel package has been updated to remove the\n\"/usr/include/X11/extensions/XKBgeom.h\" header file which has been moved to\nthe libx11-devel package.\n","modified":"2026-02-02T06:20:36.839104Z","published":"2020-08-18T18:47:25Z","related":["CVE-2020-14344"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0334.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27030"},{"type":"REPORT","url":"https://lists.x.org/archives/xorg-announce/2019-June/002997.html"},{"type":"REPORT","url":"https://lists.x.org/archives/xorg-announce/2019-October/003025.html"},{"type":"REPORT","url":"https://lists.x.org/archives/xorg-announce/2020-July/003052.html"},{"type":"REPORT","url":"https://lists.x.org/archives/xorg-announce/2020-July/003050.html"}],"affected":[{"package":{"name":"libx11","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/libx11?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.10-1.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0334.json"}},{"package":{"name":"x11-proto-devel","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/x11-proto-devel?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2018.4-4.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0334.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}